xpi Archive

We recently discovered a Tumblr blog being used to spam so-called “Profile Viewer” executables. These executables install dubious .xpi extensions in Firefox (with a lightning fast “You’re installing something” notification that tries very hard to be not very noticeable), and also cause some redirection shenanigans in Chrome. The